Evolution Vulnerability

2008-06-26T00:00:00
ID SECURITYVULNS:DOC:20090
Type securityvulns
Reporter Securityvulns
Modified 2008-06-26T00:00:00

Description

Application: Evolution 2.22.2 OS: Linux - Ubuntu 8.04


1 - Description 2 - Vulnerability 3 - POC/EXPLOIT


Description

Evolution is an email client that is built with ubuntu.


Vulnerability

The vulnerability works when mail is sent and specially armed with html code, this causes the client to break.

Analyzing with a debugger, you can see the failure with the following function.

0xb7a219d7 in html_engine_get_view_width () from /usr/lib/libgtkhtml-3.14.so.19


POC/EXPLOIT

The proof of concept can be done locally, when you save the following code in a html file and then load it into an e-mail from the new option "insert" and "html file", as that could verify the client is broken.

<IFRAME SRC="A"></IFRAME> <FRAMESET><FRAME SRC="A"></FRAMESET>


Juan Pablo Lopez Yacubian